Networking
Configuring Routing
Cisco ISA500 Series Integrated Security Appliances Administration Guide 153
4
Use the Networking > Routing > Policy Based Routing page to configure
Policy-Based Routing (PBR). PBR specifies the internal IP and/or service going
through a WAN port to provide more flexible and granular traffic handling
capabilities. Up to 100 Policy-Based Routing rules can be configured on the
security appliance.
This feature can be used to segregate traffic between links that are not of the
same speed. High volume traffic can be routed through the port connected to a
high speed link and low volume traffic can be routed through the port connected
to the slow link. For example, although HTTP traffic is typically routed through
WAN1, by using PBR you can bind the HTTP protocol to WAN1 and bind the FTP
protocol to WAN2. In this case, the security appliance automatically channels FTP
data through WAN2.
If multiple routing features operate simultaneously, the security appliance first
matches the Policy-Based Routing rules, and then matches the Static Routing and
default routing rules. For example, if the WAN redundancy is set as the Weighted
Dual WAN Settings and the Policy-Based Routing and Static Routing rules are
configured, the routing priority works as follows:
1. If traffic cannot match the Policy-Based Routing or Static Routing rules, traffic
follows the Weighted Dual WAN Settings.
2. If traffic A matches the Policy-Based Routing or Static Routing rules, it will first
be handled by the Policy-Based Routing or Static Routing rules, while other
traffic follows the Weighted Dual WAN Settings.
NOTE Make sure that you configure a secondary WAN connection and that the WAN
redundancy is set to Dual WAN Settings or Routing Table mode before you
configure the Policy-Based Routing settings.